kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/www/mediawiki
History
wen 49355a3707 Update to 1.24.2 
Upstream changes:
MediaWiki 1.24.2
This is a security and maintenance release of the MediaWiki 1.24 branch.

Changes since 1.24.1
(bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks.
(bug T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce likelihood of DoS.
(bug T88310) SECURITY: Always expand xml entities when checking SVG's.
(bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
(bug T85855) SECURITY: Don't execute another user's CSS or JS on preview.
(bug T64685) SECURITY: Allow setting maximal password length to prevent DoS when using PBKDF2.
(bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues fixed in SVG filtering to prevent XSS and protect viewer's privacy.
Fix case of SpecialAllPages/SpecialAllMessages in SpecialPageFactory to fix loading these special pages when $wgAutoloadAttemptLowercase is false.
(bug T70087) Fix Special:ActiveUsers page for installations using PostgreSQL.
(bug T76254) Fix deleting of pages with PostgreSQL. Requires a schema change and running update.php to fix.
2015-04-06 15:30:03 +00:00
..
files
DESCR
distinfo Update to 1.24.2 2015-04-06 15:30:03 +00:00
Makefile Update to 1.24.2 2015-04-06 15:30:03 +00:00
MESSAGE
options.mk
PLIST Update to 1.24.2 2015-04-06 15:30:03 +00:00